Applications supported by AD CS include Secure/Multipurpose Internet Mail Extensions (S/MIME), secure wireless networks, virtual private networks (VPN), Internet Protocol security (IPsec), Encrypting File System (EFS), smart card logon, Secure Socket Layer/Transport Layer Security (SSL/TLS) and digital signatures.
AD CS, which can be managed through Microsoft Management Console snap-ins or Server Manager, has six components:
CA Web enrollment - connects users to a CA with a Web browser
Certification authorities (CAs) - manages certificate validation and issues certificates
Certificate Enrollment Policy Web Service - allows computers and users to retrieve information about their certificate enrollment policy
Certificate Enrollment Web Service - allows computers and users to enroll certificates using HTTPS
Network Device Enrollment Service - lets network devices without domain accounts retrieve certificates.
Online Responder - responds to requests about a certificate's status